Fix support for supplied CA certs

2023-10-10 13:36:53 +02:00 · 2021-07-26 10:25:06 +01:00 · 2021-07-26 10:25:06 +01:00 · 26087f8dc7
commit 26087f8dc7
parent 142176f194
2 changed files with 31 additions and 0 deletions
--- a/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js
+++ b/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js
@ -449,6 +449,10 @@ in your Node-RED user directory (${RED.settings.userDir}).
            if (tlsNode) {
                opts.https = {};
                tlsNode.addTLSOptions(opts.https);
+                if (opts.https.ca) {
+                    opts.https.certificateAuthority = opts.https.ca;
+                    delete opts.https.ca;
+                }
            } else {
                if (msg.hasOwnProperty('rejectUnauthorized')) {
                    opts.https = { rejectUnauthorized: msg.rejectUnauthorized };
--- a/test/nodes/core/network/21-httprequest_spec.js
+++ b/test/nodes/core/network/21-httprequest_spec.js
@ -1518,6 +1518,33 @@ describe('HTTP Request Node', function() {
            });
        });

+        it('should use tls-config and verify serverCert', function(done) {
+            var flow = [
+                {id:"n1",type:"http request",wires:[["n2"]],method:"GET",ret:"txt",url:getSslTestURLWithoutProtocol('/text'),tls:"n3"},
+                {id:"n2", type:"helper"},
+                {id:"n3", type:"tls-config", cert:"test/resources/ssl/server.crt", key:"test/resources/ssl/server.key", ca:"test/resources/ssl/server.crt", verifyservercert:true}];
+            var testNodes = [httpRequestNode, tlsNode];
+            helper.load(testNodes, flow, function() {
+                var n3 = helper.getNode("n3");
+                var n2 = helper.getNode("n2");
+                var n1 = helper.getNode("n1");
+                n2.on("input", function(msg) {
+                    try {
+                        msg.should.have.property('payload','hello');
+                        msg.should.have.property('statusCode',200);
+                        msg.should.have.property('headers');
+                        msg.headers.should.have.property('content-length',''+('hello'.length));
+                        msg.headers.should.have.property('content-type').which.startWith('text/html');
+                        msg.should.have.property('responseUrl').which.startWith('https://');
+                        done();
+                    } catch(err) {
+                        done(err);
+                    }
+                });
+                n1.receive({payload:"foo"});
+            });
+        });
+
        //Removing HTTP Proxy testcases as GOT + Proxy_Agent doesn't work with mock'd proxy
        /* */
        it('should use http_proxy', function(done) {